Tools

Field Kits for the Modern Defender

Curated playbooks and utilities the team leans on when triaging incidents, stabilising infrastructure, and turning telemetry into evidence. Browse by discipline to find the right workflow accelerator.

Forensics

Disk, memory, and timeline tooling for evidence-first investigations.

  • Autopsy

    Open-source forensic platform built on The Sleuth Kit. Ingest modules handle timeline building, registry and browser artifact parsing, hash-set lookups, and mobile (Android) data, while the central repository correlates artifacts across cases, so a single review pane can combine timeline, registry, and mobile evidence.

  • FTK Imager

    Free (closed-source) acquisition utility for Windows that captures full disk images (raw/dd or E01), RAM, and logical file collections. It computes MD5 and SHA1 hashes of the image as it is written and can re-verify them afterwards, which is what makes the copy defensible in court. Acquiring from a live compromised host necessarily alters that host, so keep the tool version, start time, and hashes from the acquisition log with the evidence.
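A hash check is only useful if someone actually re-runs it before the image is relied on. The script below is an added example (not part of this page and not FTK Imager code) that re-hashes a raw image, including one split into `.001`, `.002`, ... fragments, and compares the result with the values recorded at acquisition. It assumes an acquisition log that carries a `[Computed Hashes]` block with `MD5 checksum:` and `SHA1 checksum:` lines, in the style FTK Imager writes beside an image; the exact layout of real logs may differ, so the parser is deliberately tolerant, and the image, log, and `evidence.00N` filenames used in `demo()` are all constructed.

```python
"""Re-verify a raw (dd-style) disk image against the hashes recorded at acquisition.

Added example; the log layout ("[Computed Hashes]" block, "MD5 checksum:" lines)
is an assumption about acquisition logs, and the sample image and log built in
demo() are constructed test data, not real evidence.
"""
import hashlib
import re
import tempfile
from pathlib import Path

# "MD5 checksum:  <hex>" style line; case- and whitespace-tolerant on purpose.
HASH_LINE = re.compile(r"^\s*(MD5|SHA1|SHA256)\s+checksum:\s*([0-9a-fA-F]+)\s*$", re.I)
SEGMENT_SUFFIX = re.compile(r"\.\d{3}")


def parse_acquisition_hashes(log_text: str) -> dict[str, str]:
    """Return {'md5': hex, 'sha1': hex, ...} from the first [Computed Hashes] block.

    Reading stops at the next bracketed block so that a later block (for example
    a verification run appended to the same log) cannot overwrite the values
    recorded at acquisition time.
    """
    hashes: dict[str, str] = {}
    in_block = False
    for line in log_text.splitlines():
        stripped = line.strip()
        if stripped.lower() == "[computed hashes]":
            in_block = True
            continue
        if in_block and stripped.startswith("["):
            break
        m = HASH_LINE.match(line) if in_block else None
        if m:
            hashes[m.group(1).lower()] = m.group(2).lower()
    return hashes


def image_segments(first_segment: Path) -> list[Path]:
    """Raw images may be split into .001, .002, ... fragments; hash them in order.

    An unsplit image (.dd, .raw, ...) is returned as a one-element list.
    """
    if SEGMENT_SUFFIX.fullmatch(first_segment.suffix):
        stem = first_segment.with_suffix("").name
        return sorted(
            p for p in first_segment.parent.iterdir()
            if p.stem == stem and SEGMENT_SUFFIX.fullmatch(p.suffix)
        )
    return [first_segment]


def hash_image(first_segment: Path, algorithms=("md5", "sha1"), chunk=1 << 20) -> dict[str, str]:
    """Stream every segment through all requested digests in one pass."""
    digests = {a: hashlib.new(a) for a in algorithms}
    for seg in image_segments(first_segment):
        with open(seg, "rb") as fh:
            for block in iter(lambda: fh.read(chunk), b""):
                for d in digests.values():
                    d.update(block)
    return {a: d.hexdigest() for a, d in digests.items()}


def verify_image(first_segment: Path, log_text: str) -> dict[str, bool]:
    """Compare recomputed digests with recorded ones, algorithm by algorithm.

    Returns {} when the log carries no usable hashes, so a caller cannot mistake
    "nothing was checked" for "verified".
    """
    recorded = parse_acquisition_hashes(log_text)
    if not recorded:
        return {}
    computed = hash_image(first_segment, algorithms=tuple(recorded))
    return {a: computed[a] == recorded[a] for a in recorded}


def demo(tamper: bool = False) -> dict[str, bool]:
    """Build a constructed two-segment raw image plus a matching log in a temp dir.

    With tamper=True a single byte is flipped after "acquisition", as a faulty
    write or a hostile edit would do; verification must then fail on every hash.
    """
    payload = b"MBR\x00" * 1024 + b"NTFS evidence block" * 300  # constructed bytes
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        half = len(payload) // 2
        (root / "evidence.001").write_bytes(payload[:half])
        (root / "evidence.002").write_bytes(payload[half:])
        log = (
            "Constructed sample acquisition log\n\n"
            "[Computed Hashes]\n"
            f" MD5 checksum:    {hashlib.md5(payload).hexdigest()}\n"
            f" SHA1 checksum:   {hashlib.sha1(payload).hexdigest()}\n\n"
            "[Verification Hashes]\n"
            " MD5 checksum:    deadbeefdeadbeefdeadbeefdeadbeef\n"
        )
        if tamper:
            seg = root / "evidence.002"
            data = bytearray(seg.read_bytes())
            data[10] ^= 0x01
            seg.write_bytes(bytes(data))
        return verify_image(root / "evidence.001", log)


if __name__ == "__main__":
    print("intact:", demo())
    print("tampered:", demo(tamper=True))
```

Hashing all segments as one stream matters: the acquisition hash covers the logical image, not each fragment, so hashing `.001` and `.002` separately would never match the log. Keeping `{}` distinct from `{'md5': False}` is a deliberate choice, so that a missing or unparsable log surfaces as "not checked" rather than as a pass.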

Incident Response

Containment and hunt kits that shrink dwell time.

  • Velociraptor

    Open-source endpoint query engine. Responders write collections in VQL (Velociraptor Query Language) to sweep an entire fleet for indicators, pull only the artifacts a case needs (event logs, prefetch, specific files with their hashes), and package scoping steps as reusable artifacts that run as hunts.

  • Red Canary Threat Intel Feeds

    Published threat intelligence and behavioral detection analytics mapped to MITRE ATT&CK techniques, giving incident leads a vetted reference for validating hypotheses and enriching SIEM alerts with the adversary behaviors most often seen in the wild.

Automation

Workflow engines to codify repeatable responses.

  • StackStorm

    Open-source event-driven automation platform. Sensors turn alerts into triggers, rules match triggers to actions or multi-step workflows, and vetted response packs bundle those pieces, so approvals, playbook branching, and evidence handling are scripted and auditable end-to-end rather than improvised.

  • GitHub Actions Blueprints

    Reusable workflows (invoked via workflow_call) for IaC checks, dependency scanning, and artifact signing, so DevSecOps teams gate every deployment with the same guardrails on every run instead of copying steps between repositories.